I guess you could run bcrypt on all your database's md5 hashes and do something like:
if entered_password.md5.bcrypt == stored_password:
stored_password = entered_password.bcrypt
login()
That way, you will only have to store the bcrypted md5 hashes, until the next time someone tries to log on - assuming that's the kind of back-end you have.
Someone asked a question similar to yours a while ago. Maybe the answers may be of help: http://news.ycombinator.com/item?id=4076257.
I guess you could run bcrypt on all your database's md5 hashes and do something like:
That way, you will only have to store the bcrypted md5 hashes, until the next time someone tries to log on - assuming that's the kind of back-end you have.